Legal claims defining the scope of protection, as filed with the USPTO.
1. A method, comprising: receiving, by a network adapter having an offload protocol stack, a query; configuring the offload protocol stack of the network adapter to provide a programmable identity for the offload protocol stack of the network adapter, by: (i) determining that a vulnerability of a first protocol stack emulation of the offload protocol stack has been exposed; and (ii) configuring the offload protocol stack to emulate a second protocol stack, in response to determining that the vulnerability of the first protocol stack emulation has been exposed; generating a response to the query by processing the query in the configured offload protocol stack, wherein the response is based on the programmable identity, wherein the programmable identity of the offload protocol stack is capable of being provided by configuring the offload protocol stack to generate the response with an inconsistent signature, and wherein the response is generated with the inconsistent signature by randomly choosing among a plurality of alternative code paths to respond to the query; and sending, by the network adapter, the generated response, wherein the programmable identity prevents a correct identification of the offload protocol stack based on an analysis of the sent response to the query.
2. The method of claim 1, wherein the programmable identity of the network adapter is capable of being provided by configuring the offload protocol stack to emulate a plurality of protocol stacks, wherein those protocol stacks that are under cyber attack are less preferred for emulation by the offload protocol stack in comparison to those protocol stacks that are likely to be immune to cyber attacks.
3. The method of claim 2, wherein the programmable identity of the network adapter is capable of being provided by configuring the offload protocol stack to emulate an operating system protocol stack implemented by an operating system in a host to which the network adapter is coupled, wherein the offload protocol stack avoids being vulnerable in situations in which the operating system protocol stack is vulnerable because the offload protocol stack executes code that is different from code executed by the operating system protocol stack.
4. The method of claim 1, further comprising: receiving, at the network adapter, a command that attempts to exploit a vulnerability of the network adapter based on the programmable identity; and processing the command correctly, by the network adapter, wherein subsequent commands are also processed correctly by the network adapter.
5. The method of claim 3, wherein the network adapter is an offload adapter that couples a host to a network, wherein the query is intended to correctly identify the offload protocol stack of the network adapter, wherein the query includes an implicit query, and wherein the response includes an implicit response, wherein the query is designed to be used against a specific protocol stack with a known exploitable error.
6. A network adapter, comprising: an offload protocol stack; and a processing element coupled to the offload protocol stack, wherein the network adapter is capable of receiving a query, wherein the processing element is capable of configuring the offload protocol stack to provide a programmable identity for the offload protocol stack by determining that a vulnerability of a first protocol stack emulation of the offload protocol stack has been exposed and by configuring the offload protocol stack to emulate a second protocol stack, in response to determining that the vulnerability of the first protocol stack emulation has been exposed, wherein the offload protocol stack is capable of generating a response to the query by processing the query in the configured offload protocol stack, wherein the response is based on the programmable identity, wherein the programmable identity of the offload protocol stack is capable of being provided by configuring the offload protocol stack to generate the response with an inconsistent signature, and wherein the response is generated with the inconsistent signature by randomly choosing among a plurality of alternative code paths to respond to the query, and wherein the network adapter is capable of sending the generated response, and wherein the programmable identity prevents a correct identification of the offload protocol stack based on an analysis of the sent response to the query.
7. The network adapter of claim 6, wherein the programmable identity of the network adapter is capable of being provided by configuring the offload protocol stack to emulate a plurality of protocol stacks, wherein those protocol stacks that are under cyber attack are less preferred for emulation by the offload protocol stack in comparison to those protocol stacks that are likely to be immune to cyber attacks.
8. The network adapter of claim 7, wherein the programmable identity of the network adapter is capable of being provided by configuring the offload protocol stack to emulate an operating system protocol stack implemented by an operating system in a host to which the network adapter is coupled, wherein the offload protocol stack avoids being vulnerable in situations in which the operating system protocol stack is vulnerable because the offload protocol stack executes code that is different from code executed by the operating system protocol stack.
9. The network adapter of claim 6, wherein the network adapter is capable of receiving a command that attempts to exploit a vulnerability of the network adapter based on the programmable identity, and wherein the network adapter is capable of processing the command correctly, wherein subsequent commands are also processed correctly by the network adapter.
10. The network adapter of claim 8, wherein the network adapter comprises an offload adapter that couples a host to a network, wherein the query is intended to correctly identify the offload protocol stack of the network adapter, wherein the query includes an implicit query, and wherein the response includes an implicit response wherein the query is designed to be used against a specific protocol stack with a known exploitable error.
11. A system, comprising: a computational device; a data storage coupled to the computational device; a data storage controller to manage Input/Output access to the data storage, wherein the data storage controller is coupled to the computational device; a network adapter coupled to the computational device; and an offload protocol stack implemented in the network adapter, wherein the network adapter is capable of receiving a query, wherein the network adapter is capable of configuring the offload protocol stack to provide a programmable identity for the offload protocol stack by determining that a vulnerability of a first protocol stack emulation of the offload protocol stack has been exposed and by configuring the offload protocol stack to emulate a second protocol stack, in response to determining that the vulnerability of the first protocol stack emulation has been exposed, wherein the offload protocol stack is capable of generating a response to the query by processing the query in the configured offload protocol stack, wherein the response is based on the programmable identity, wherein the programmable identity of the offload protocol stack is capable of being provided by configuring the offload protocol stack to generate the response with an inconsistent signature, and wherein the response is generated with the inconsistent signature by randomly choosing among a plurality of alternative code paths to respond to the query, wherein the network adapter is capable of sending the generated response, and wherein the programmable identity prevents a correct identification of the offload protocol stack based on an analysis of the sent response to the query.
12. The system of claim 11, wherein the programmable identity of the network adapter is capable of being provided by configuring the offload protocol stack to emulate a plurality of protocol stacks, wherein those protocol stacks that are under cyber attack are less preferred for emulation by the offload protocol stack in comparison to those protocol stacks that are likely to be immune to cyber attacks.
13. The system of claim 12, wherein the programmable identity of the network adapter is capable of being provided by configuring the offload protocol stack to emulate an operating system protocol stack implemented by an operating system in a host to which the network adapter is coupled, wherein the offload protocol stack avoids being vulnerable in situations in which the operating system protocol stack is vulnerable because the offload protocol stack executes code that is different from code executed by the operating system protocol stack.
14. An article of manufacture, wherein the article of manufacture comprises a storage medium having stored therein instructions that when executed by a machine results in operations, the operations comprising: receiving, by a network adapter having an offload protocol stack, a query; configuring the offload protocol stack of the network adapter to provide a programmable identity for the offload protocol stack of the network adapter, by: (i) determining that a vulnerability of a first protocol stack emulation of the offload protocol stack has been exposed; and (ii) configuring the offload protocol stack to emulate a second protocol stack, in response to determining that the vulnerability of the first protocol stack emulation has been exposed; generating a response to the query by processing the query in the configured offload protocol stack, wherein the response is based on the programmable identity, wherein the programmable identity of the offload protocol stack is capable of being provided by configuring the offload protocol stack to generate the response with an inconsistent signature, and wherein the response is generated with the inconsistent signature by randomly choosing among a plurality of alternative code paths to respond to the query; and sending, by the network adapter, the generated response, wherein the programmable identity prevents a correct identification of the offload protocol stack based on an analysis of the sent response to the query.
15. The article of manufacture of claim 14, wherein the programmable identity of the network adapter is capable of being provided by configuring the offload protocol stack to emulate a plurality of protocol stacks, wherein those protocol stacks that are under cyber attack are less preferred for emulation by the offload protocol stack in comparison to those protocol stacks that are likely to be immune to cyber attacks.
16. The article of manufacture of claim 15, wherein the programmable identity of the network adapter is capable of being provided by configuring the offload protocol stack to emulate an operating system protocol stack implemented by an operating system in a host to which the network adapter is coupled, wherein the offload protocol stack avoids being vulnerable in situations in which the operating system protocol stack is vulnerable because the offload protocol stack executes code that is different from code executed by the operating system protocol stack.
17. The article of manufacture of claim 14, the operations further comprising: receiving, at the network adapter, a command that attempts to exploit a vulnerability of the network adapter based on the programmable identity; and processing the command correctly, by the network adapter, wherein subsequent commands are also processed correctly by the network adapter.
18. The article of manufacture of claim 16, wherein the network adapter is an offload adapter that couples a host to a network, wherein the query is intended to correctly identify the offload protocol stack of the network adapter, wherein the query includes an implicit query, and wherein the response includes an implicit response, wherein the query is designed to be used against a specific protocol stack with a known exploitable error.
19. The system of claim 13, wherein the network adapter is an offload adapter that couples a host to a network, wherein the query is intended to correctly identify the offload protocol stack of the network adapter, wherein the query includes an implicit query, and wherein the response includes an implicit response, wherein the query is designed to be used against a specific protocol stack with a known exploitable error.
Unknown
August 19, 2008